diff options
| author | Gusted <gusted@noreply.codeberg.org> | 2024-04-06 14:21:35 +0200 |
|---|---|---|
| committer | Gusted <gusted@noreply.codeberg.org> | 2024-04-06 14:21:35 +0200 |
| commit | d5fd40821e7778f0ab8ad62d8b4c25e56c0046dc (patch) | |
| tree | 2ed144b7fc3b86f8fa96fea3cd40e80c1f772f49 | |
| parent | Merge pull request '[PORT] Refactor dropzone (#30232)' (#3048) from earl-warr... (diff) | |
| parent | fix: cleanup webfinger URI parsing (diff) | |
| download | forgejo-d5fd40821e7778f0ab8ad62d8b4c25e56c0046dc.tar.xz forgejo-d5fd40821e7778f0ab8ad62d8b4c25e56c0046dc.zip | |
Merge pull request 'feat: extend webfinger to respond to profile page URIs' (#2883) from realaravinth/forgejo:cb-2870 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2883
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
| -rw-r--r-- | routers/web/webfinger.go | 57 | ||||
| -rw-r--r-- | tests/integration/webfinger_test.go | 15 |
2 files changed, 72 insertions, 0 deletions
diff --git a/routers/web/webfinger.go b/routers/web/webfinger.go index e4b2aacce8..099f6236a6 100644 --- a/routers/web/webfinger.go +++ b/routers/web/webfinger.go @@ -64,6 +64,63 @@ func WebfingerQuery(ctx *context.Context) { if u != nil && u.KeepEmailPrivate { err = user_model.ErrUserNotExist{} } + case "https", "http": + if resource.Host != appURL.Host { + ctx.Error(http.StatusBadRequest) + return + } + + p := strings.Trim(resource.Path, "/") + if len(p) == 0 { + ctx.Error(http.StatusNotFound) + return + } + + parts := strings.Split(p, "/") + + switch len(parts) { + case 1: // user + u, err = user_model.GetUserByName(ctx, parts[0]) + case 2: // repository + ctx.Error(http.StatusNotFound) + return + + case 3: + switch parts[2] { + case "issues": + ctx.Error(http.StatusNotFound) + return + + case "pulls": + ctx.Error(http.StatusNotFound) + return + + case "projects": + ctx.Error(http.StatusNotFound) + return + + default: + ctx.Error(http.StatusNotFound) + return + + } + case 4: + //nolint:gocritic + if parts[3] == "teams" { + ctx.Error(http.StatusNotFound) + return + + } else { + ctx.Error(http.StatusNotFound) + return + } + + default: + ctx.Error(http.StatusNotFound) + return + + } + default: ctx.Error(http.StatusBadRequest) return diff --git a/tests/integration/webfinger_test.go b/tests/integration/webfinger_test.go index 55fb211779..825cffed7a 100644 --- a/tests/integration/webfinger_test.go +++ b/tests/integration/webfinger_test.go @@ -66,4 +66,19 @@ func TestWebfinger(t *testing.T) { req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=mailto:%s", user.Email)) MakeRequest(t, req, http.StatusNotFound) + + req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=https://%s/%s/", appURL.Host, user.Name)) + session.MakeRequest(t, req, http.StatusOK) + + req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=https://%s/%s", appURL.Host, user.Name)) + session.MakeRequest(t, req, http.StatusOK) + + req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=http://%s/%s/foo", appURL.Host, user.Name)) + session.MakeRequest(t, req, http.StatusNotFound) + + req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=http://%s", appURL.Host)) + MakeRequest(t, req, http.StatusNotFound) + + req = NewRequest(t, "GET", fmt.Sprintf("/.well-known/webfinger?resource=http://%s/%s/foo", "example.com", user.Name)) + MakeRequest(t, req, http.StatusBadRequest) } |